There is as reflected cross site scripting issue in Esri ArcGIS Server versions 10.9.1 and below which may allow a remote unauthorized attacker able to convince a user to click on a crafted link which could potentially execute arbitrary JavaScript code in the victim’s browser.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: Esri

Published: 2022-10-25T16:32:09.865172Z

Updated: 2024-09-16T22:02:55.747Z

Reserved: 2022-08-12T00:00:00

Link: CVE-2022-38195

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-10-25T17:15:55.257

Modified: 2024-11-21T07:15:58.737

Link: CVE-2022-38195

cve-icon Redhat

No data.